A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability. An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticate ...
A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability. An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticate ...
The host is installed with Apache HTTP Server through 2.4.12 and is prone to a denial of service vulnerability. A flaw is present in lua_websocket_read function in lua_request.c in mod_lua module, which fails to handle crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. Successful exploitation will allow remote attackers to cause a denial of service (child-process cr ...
The host is installed with Apache HTTP Server 2.4.x before 2.4.14 and is prone to a security bypass vulnerability. A flaw is present in the ap_some_auth_required function in server/request.c, which does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting. Successful exploitation will allow remote attackers to bypass intended a ...
The host is installed with Apache HTTP Server 2.2.x or 2.4.x before 2.4.14 and is prone to HTTP request smuggling attack vulnerabilities. The flaws are present in the chunked transfer coding implementation, which does not properly parse chunk headers. Successful exploitation will allow remote attackers to conduct HTTP request smuggling attacks, related to mishandling of large chunk-size values and ...
The host is installed with Apache Subversion before 1.7.21, 1.8.x before 1.8.14 or Apache HTTP Server 2.4.x through 2.4.12 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to properly restrict anonymous access. Successful exploitation could allows anonymous users to read hidden files via the path name.
The host is installed with Apache HTTP Server before 2.4.5 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails by proceeding with save operations for a session without considering the dirty flag. Successful exploitation could allow remote attackers to an unspecified impact and remote attack vectors.
The host is installed with Apache HTTP Server 2.4.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle enablement of caching forward proxy. Successful exploitation could allow remote HTTP servers to cause denial of service (NULL pointer dereference and daemon crash).